package com.example.shirodemo;

import com.demo.bean.User;
import com.demo.result.AjaxResult;
import com.example.shirodemo.framework.shiro.utils.ShiroUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * LoginController
 *
 * @author : SPL
 * @since : 2021-05-10 17:51
 **/
@RestController
@RequestMapping
public class LoginController {

    @GetMapping("/login")
    public Object login() {

        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken("张三", "11111");
        subject.login(token);
        User user = ShiroUtil.getCurrentUser();
        //将当前登录的用户放入session
        Session session = subject.getSession();
        session.setAttribute("curr_user", user);
        return AjaxResult.success();
    }

    @GetMapping("/test")
    @RequiresPermissions("user/add")//有权限
    public Object test() {
        User user = ShiroUtil.getCurrentUser();
        return user;
    }

    @GetMapping("/test1")
    @RequiresPermissions("user/delete")//无权限
    public Object test1() {
        User user = ShiroUtil.getCurrentUser();
        return user;
    }

    @GetMapping("/test21")
    @RequiresRoles({"admin"})//有权限
    public Object test21() {
        User user = ShiroUtil.getCurrentUser();
        return user;
    }

    @GetMapping("/test22")
    @RequiresRoles({"xxx"})//无权限
    public Object test22() {
        User user = ShiroUtil.getCurrentUser();
        return user;
    }

}
